Finder
CVE-ID: CAN-2005-0342
Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9
Impact: Unsafe handling of .DS_Store files could be used by local
attackers to overwrite files and lead to privilege escalation
Description: Finder uses .DS_Store files to store and retrieve
information used to display folders on the system. When writing
these files, Finder could follow a link resulting in the overwrite
of an arbitrary file. In addition, these files could contain data
supplied by malicious users, allowing them to gain privileges by
altering system configuration files. Security Update 2005-005
addresses this issue by updating Finder to check that .DS_Store
files are not links before writing to them.
You can get a few references at the Apple Developer website [ http://
www.apple.com/developer ] if you do a search for "DS_Store". Two of
those are:
Software Distribution: Distributing Software With Internet-
Enabled ... - Size: 24k
... directly to the destination. Any hidden files, such as
a .DS_Store file or a folder
background image, are not copied. If there are ...
<http://developer.apple.com/documentation/DeveloperTools/Conceptual/
SoftwareDistribution/Concepts/sd_disk_images.html>
Manual Page For hdiutil(1) - Size: 84k
... ISO9660/Joliet). -keep-mac-specific Expose Macintosh-specific
files (such
as .DS_Store) in non-HFS+ filesystems (ISO9660/Joliet). -udf ...
<http://developer.apple.com/documentation/Darwin/Reference/ManPages/
man1/hdiutil.1.html>
-Shawn
___________________________________________
Shawn Geddis
Security Consulting Engineer
Apple Computer - US Federal Government
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/fed-talk/email@hidden
This email sent to email@hidden
